Skip to content

EXTENDROM_SIGNING_PATCHES

Jump to bottom
steadfasterX edited this page Aug 17, 2023 · 3 revisions

EXTENDROM_SIGNING_PATCHES

State

State Branch Supported Android versions Tested on [1]
STABLE main A9, A10, A11, A12, A13 A10, A12, A13

[1] will very likely work on lower and/or higher Android versions, too

Flags

flag values meaning where to configure
EXTENDROM_SIGNING_PATCHES can be unset or true must be true to activate patching android sources device/<vendor>/<model>/vendorsetup.sh or device/<vendor>/<model>/<any>.mk

Required flags (device/<vendor>/<model>/vendorsetup.sh)

  • EXTENDROM_SIGNING_PATCHES = true

This adds support for

  • increased key size within system/update_engine (i.e. Android Settings -> Updater), allowing to verify OTA packages signatures up to sha256 + 8192bit
  • increased key and hash sizes within recovery (only!*) allowing to verify ADB sideload zip signatures up to sha512 + 8192bit

*) Note: if you plan to use the sha512 hash algorithm to sign your OTA packages you can apply them by ADB sideload within recovery only. That means OTA updates within Android will fail until system/update_engine has been patched, too (which is not part of extendrom - atm).

Optional flags (device/<vendor>/<model>/vendorsetup.sh)

  • N/A
Clone this wiki locally